Lyubomir Tulev, Cybersecurity Expert, on Bloomberg TV: Companies’ Vulnerability Comes From Untimely Check of the Partners and the Products They Work With

The cybersecurity expert at AMATAS Lyubomir Tulev was a guest at Bloomberg TV’s show Business Start in order to comment on the scandal with the presumable spy microchips, found at Amazon’s and other companies’ products.

In 2015, Amazon was looking for ways to improve its videostreaming service and contacts Elemental Technologies, which uses elements of Super Micro Computer Inc. On a later stage, when Amazon starts a business check of Elemental Technologies with the idea to buy it, a third-party audit found that there is a rice grain-sized microchip on the motherboard, which isn’t evident at the preliminary integrated circuits.

Bloomberg Businessweek blames the company in one of its articles, claiming it had implanted spy microchips in these products with the aim to infiltrate their clients’ inner network.

“Currently, China is the biggest technical manufacturer […] 90% of the smartphones, or better said – of smartphones’ elements, are produced in China. We cannot expect something different. It is a real giant – a country which has the technical possibilities”, Tulev comments.

The expert explained that these chips create conditions for the so called ‘backdoor’, or vulnerability in terms of penetration through a backdoor in the hardware, which is extremely difficult to be identified. He emphasized on the need of double checking from an independent company which should research the possibilities of the chip, at the time being remaining totally in the sphere of speculation.

“All this vulnerability is happening because this check of the companies hadn’t been made, which could have guaranteed the end product for clients”, the expert adds.

If the suspicions that companies like Amazon and Apple have provided their clients with unchecked products, which have enabled other parties to steal and analyze their information, a massive scandal will surely follow, therefore shares and trust drop is very likely. However, according to Tulev one of the positive effects of such a scenario would be that companies would eventually start making the proper checks.

The association with the scandals around Facebook’s leak of personal data of around 50 million users is inevitable. Tulev said that in this case users didn’t have any fault – it was completely up to Facebook’s platform configuration.

“When a particular user decides to see his/her profile in the way it looks for a friend and types his/her name, Facebook automatically and independently from the user creates a session between the friend’s view and Facebook. Hackers now can simply copy this session (token – a series of symbols, which is incorporated in the form of cookies in the user’s browser every time he/she logs in the platform)”, Tulev said.

He recommended always to use the Log out option after you finish your work on Facebook or any other website which requires username and password. Nevertheless, the cybersecurity expert admits that even if these precautions have been taken, they wouldn’t have preventive effect over the vulnerability stemming from the View as option.